Computer object code obfuscation using boot installation
First Claim
1. A method of protecting computer program code, comprising the acts of:
- providing a file of computer program source code;
storing the file in a first computer readable memory;
compiling the stored file of source code into compiled code at a compiler;
obfuscating the compiled code, using one of a plurality of obfuscation processes wherein the obfuscation processes are each one of a Montgomery multiplication, a Quisquater multiplication, and a Barrett multiplication;
providing a boot installer program including a plurality of deobfuscation processes, one of which is complementary to the one obfuscation process;
storing the boot installer program in a second computer readable memory;
combining the obfuscated code and the boot installer program into one file; and
storing the one file in a third computer readable memory.
1 Assignment
0 Petitions
Accused Products
Abstract
In the field of computer software, obfuscation techniques for enhancing software security are applied to compiled (object) software code. The obfuscation results here in different versions (instances) of the obfuscated code being provided to different installations (recipient computing devices). The complementary code execution uses a boot loader or boot installer-type program at each installation which contains the requisite logic. Typically, the obfuscation results in a different instance of the obfuscated code for each intended installation (recipient) but each instance being semantically equivalent to the others. This is accomplished in one version by generating a random value or other parameter during the obfuscation process, and using the value to select a particular version of the obfuscating process, and then communicating the value along with boot loader or installer program software. This boot loader then selects which particular process to use for the code execution at the time of installation in accordance with the value. This results in different versions of the obfuscated code being provided to each recipient installation, which further enhances security of the code against reverse engineering by hackers.
24 Citations
10 Claims
-
1. A method of protecting computer program code, comprising the acts of:
-
providing a file of computer program source code; storing the file in a first computer readable memory; compiling the stored file of source code into compiled code at a compiler; obfuscating the compiled code, using one of a plurality of obfuscation processes wherein the obfuscation processes are each one of a Montgomery multiplication, a Quisquater multiplication, and a Barrett multiplication; providing a boot installer program including a plurality of deobfuscation processes, one of which is complementary to the one obfuscation process; storing the boot installer program in a second computer readable memory; combining the obfuscated code and the boot installer program into one file; and storing the one file in a third computer readable memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. Apparatus for protecting computer code, comprising:
-
a memory for storing a file of computer program source code; a compiler coupled to the memory for compiling the source code into compiled code; an obfuscator coupled to the compiler to output obfuscated code, using one of a plurality of obfuscation processes wherein the obfuscation processes are each one of a Montgomery multiplication, a Quisquater multiplication, and a Barrett multiplication; a memory storing a boot installer program including a plurality of deobfuscation processes, one of which is complementary to the one obfuscation process; an assembler which combines the obfuscated code and the boot installer program into one file; and a third computer readable memory for storing the one file.
-
Specification
-
- Resources
-
Current AssigneeApple Inc.
-
Original AssigneeApple Inc.
-
InventorsCiet, Mathieu, Lerouge, Julien, Farrugia, Augustin J.
-
Primary Examiner(s)Moorthy, Aravind
-
Assistant Examiner(s)MEJIA, FELICIANO S
-
Application NumberUS12/047,207Publication NumberTime in Patent Office1,518 DaysField of Search713/190, 717/140US Class Current713/190CPC Class CodesG06F 21/14 against software analysis o...G06F 21/577 Assessing vulnerabilities a...
